RSA Blog - February 2016

  • 2/29/2016 - IDaaS, the New Identity White Whale or the Fish That Shouldn't Get Away? In Herman Melville’s epic novel Moby Dick, a crazed mariner wildly pursues an unattainable beast with tragic consequences. So too can the pursuit of identity solutions that give visibility to and control over cloud, mobile, web, and legacy applications feel like a wild quest. To this end, many organizations following the general IT trend of...
  • 2/29/2016 - Hiding in Plain Sight: The Growth of Cybercrime in Social Media Social media attracts all kinds. These sites are used for catching up with friends on Facebook, instant news dissemination on Twitter, partisan political viewpoints expressed in online forums, real-time reach outs on Snapchat, professional networking on LinkedIn — and now, not surprisingly, they’re used as global havens for cybercrime. Today, we are announcing the release...
  • 2/26/2016 - Moving from Low to High-Fidelity Security In the 1940s and 50s home audio systems went through a high-fidelity revolution. This is the period when the music recording industry and stereo manufacturers dramatically improved the audio experience for consumers.  Technically it had to do with the improved audio capture, more sophisticated mastering (stereophonics), and dramatically improved reproduction of music, all at a...
  • 2/23/2016 - E5 - The Flies and the Hornet - Technical Dialogue Episode #5 of Defend the Kingdom, “The Flies and the Hornet”, begins with Marty briefing Dave Reinhardt the CISO on a significant compromise of MagnaCorp’s security.  Improper logins, remnants of cracking utilities and other evidence clearly indicates a serious problem.  The source of the intrusion, while still unknown at this time, points towards a nefarious...
  • 2/19/2016 - Threat Detection Techniques - ATM Malware There once was a time when stealing money from a bank ATM required actual physical manipulation of the terminal itself.  Many criminal schemes have been repeated throughout the years, ranging from physical destruction of the terminal (ramming it with a vehicle) to the use of ‘skimmers’ to steal customer credentials.  Successful ATM capers were not...
  • 2/18/2016 - Measure your Readiness - Incident Response Program In today’s threat landscape it is a challenge to prevent the entire spectrum of attack vectors from impacting an organization. This is especially true with the increased adoption of new disruptive technologies and services such as cloud computing, mobility, BYOD and an increase in collaboration with third-parties who have access to the corporate’s network. On...
  • 2/17/2016 - Operationalizing Monitoring and Response
  • 2/16/2016 - Is the Internet of Things the (Second) Coming of Big Brother? For years, my PC ran on XP, Microsoft’s most robust, steady and never-say-die operating system. It was a lot like my old Dodge Aspen that ran and ran and ran and was still going when the odometer reached 200,000 miles— the Energizer of its day. However, just as I ultimately had to replace my beloved...
  • 2/16/2016 - E5 - The Flies and the Hornet - The Hornet's Sting The Ghost waited patiently on a hill overlooking the castle and contemplated his last few days.  His journey from the Frontier had been eventful.  Hiding from shadow to shadow, he had traversed the miles with deliberation and an overabundance of caution from his first entry into the Kingdom.  Abandoned hunting shacks, ancient caves, run down...
  • 2/15/2016 - The Financial Fraud Effect of Real-Time Payments Several weeks ago, I published an article which provided a summary of the Australian Payments Council’s Australian Payments Plan.  This plan is designed as a strategic roadmap for the future of Australian payments, specifically the initiative around the New Payments Platform, or NPP.  In short, the NPP is going to introduce the ability to send funds in real-time via online banking as a...
  • 2/12/2016 - Improving Speed of Investigation with Automation and Enrichment It is important for security analysts to have all the details of the incident when investigating. By having the details, a security analyst can improve the speed of investigation but most importantly the investigation is effective to put in place a response plan. How can the security analyst get these details?  The first step is...
  • 2/12/2016 - The Wheel of Suffering: Don't Be a Jerk to Your Future Self Findings. Defects. Whatever you call them, your organization’s security posture is full of them. At RSA, we use the umbrella term “Issues Management”. So many organizations handle their vulnerabilities, misconfigurations, failed controls, and policy and process gaps the same way: the hard way. The hard way is the reactive way, the just-in-time way, and the...
  • 2/11/2016 - Threat Detection Benchmark Part 1: Uncovering Threat Vectors When it comes to securing modern IT environments, your strategy hinges on your ability to detect threats. Unfortunately, organizations often rely on only a few sources of threat detection data to provide a foundation for their security strategy, which leads to inadequate visibility and, in turn, greater risk. In Part 1 of this threat detection...
  • 2/11/2016 - Biometrics: A Next-Generation Authentication Mechanism
  • 2/10/2016 - E5 - The Flies and the Hornet - Swatting Flies “How’s it coming?”  Marty entered Erin’s office unannounced.  They had spent so much time shuttling back and forth between his desk and her office that they dropped all formalities and decorum. Erin looked up from her screen.  “Swatting flies,” she said wearily. ‘Swatting flies’ had become their slogan as they tracked down compromised accounts and...
  • 2/10/2016 - Applauding the President's Cybersecurity National Action Plan “The Cybersecurity industry is fundamentally broken… and the problem is not technology, but mindset.”  These recent remarks by RSA President Amit Yoran have been echoed around the country and in the halls of government in the wake of serious breaches to the Federal government. From last year’s OPM breach, to last week’s breaches impacting DHS...
  • 2/8/2016 - Time to track our issues again...feels like Groundhog Day In the 1993 movie, Groundhog Day, Phil (Bill Murray), an arrogant weatherman, is out to cover the annual emergence of the groundhog from its hole. He gets caught in a blizzard that he didn’t predict and finds himself trapped in a time warp. He is doomed to relive the same day over and over again until he...
  • 2/8/2016 - Is Canada really better at Cyber? The 2016 Cyber Readiness Study of Canadian Organizations was published today by Scalar Decisions, a solution provider based in Toronto, and RSA partner.  Scalar was recently rated #1 for Security among Information Communications and Technology companies in Canada by The Branham Group. When we compare the results of the second annual Scalar Security Study with...
  • 2/8/2016 - Beyond the Login: Web Behavior Analytics Helps Retailers Stop Fraud In a world of scammers, fraudsters and bad actors, there are two immutable rules thoroughly entrenched in the consciousness of IT professionals trying to stop them.  Rule 1: If there is something to monetize, cybercriminals will find it.  Rule 2: If you have a loophole or weak control on your website, cybercriminals will find it....
  • 2/5/2016 - The Role of Tor in Cybercrime Tor is used by anyone who wants to remain anonymous on the Internet.  The price of anonymity is performance and an increased risk of malicious content. And while Tor can be used to conduct both legal and illegal activities, the predominant use cases are not good.
  • 2/4/2016 - Ramping Up Security Monitoring of Public Clouds It is no secret that organizations are increasingly placing their security sensitive applications and data into the hands of public cloud service providers, whether via SaaS, PaaS, or IaaS-based cloud infrastructures. But what does this mean for an organization’s security monitoring program, namely their security focused detection, investigation, & response capabilities?  How can an organization’s...
  • 2/3/2016 - Context-Based, Next-Generation Authentication: Key Traits and Endurance
  • 2/2/2016 - Does DDoS Takedowns Really Change Extortion Rules of Engagement? Will DDoS takedowns change our rules of engagement for cyber extortion?
  • 2/2/2016 - E5 - The Flies and the Hornet - Insect Bites A cool breeze whisked through the window causing the scrolls on the Wizard’s desk to rattle and tremor.  The wise man shifted a large scroll to weigh down some loose papers.  He reallocated a heavy paper weight to secure some more papers.  The weather had turned cold but the Wizard enjoyed the brisk air flowing...